[Pkg-kde-extras] Sponsoring for upload CVE-2016-4414
Pierre Schweitzer
pierre at reactos.org
Sun Jun 5 11:34:53 UTC 2016
Dear all,
The CVE 2016-4414 was identified earlier in Quassel, which allows an
unauthenticated remote DoS in quassel-core. Its associated bug report in
Debian BTS is: #826402.
Please find attached a debdiff & dsc that address the backport for
fixing the vulnerability in Jessie.
Please, note that due 'compilation' issues (Quassel build for jessie
isn't C++11 ready), I removed cosmetic change from the cherrypicked
commit (return 0 -> return nullptr) and only kept functional changes.
Would you be able to sponsor the upload, as I can't?
Thanks for your help.
Cheers,
--
Pierre Schweitzer <pierre at reactos.org>
System & Network Administrator
Senior Kernel Developer
ReactOS Deutschland e.V.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: quassel_0.10.0-2.3+deb8u3.diff
Type: text/x-patch
Size: 3098 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-kde-extras/attachments/20160605/54363539/attachment.bin>
-------------- next part --------------
Format: 3.0 (quilt)
Source: quassel
Binary: quassel-core, quassel-client, quassel, quassel-data, quassel-client-kde4, quassel-kde4, quassel-data-kde4
Architecture: any all
Version: 1:0.10.0-2.3+deb8u3
Maintainer: Thomas Mueller <thomas.mueller at tmit.eu>
Homepage: http://www.quassel-irc.org
Standards-Version: 3.9.5
Build-Depends: debhelper (>= 9.20120417), libqt4-dev, cmake, libfontconfig1-dev, libfreetype6-dev, libpng-dev, libsm-dev, libice-dev, libxi-dev, libxrandr-dev, libxrender-dev, zlib1g-dev, libssl-dev, libdbus-1-dev, pkg-kde-tools, kdelibs5-dev, libqca2-dev, qt4-dev-tools, libqtwebkit-dev, libindicate-qt-dev, libdbusmenu-qt-dev
Package-List:
quassel deb net optional arch=any
quassel-client deb net optional arch=any
quassel-client-kde4 deb net optional arch=any
quassel-core deb net optional arch=any
quassel-data deb net optional arch=all
quassel-data-kde4 deb net optional arch=all
quassel-kde4 deb net optional arch=any
Checksums-Sha1:
305d56774b1af2a891775a5637174d9048d875a7 2873233 quassel_0.10.0.orig.tar.bz2
295c3381f66c26389a71a17aaf96bf4d5d4ceef0 23684 quassel_0.10.0-2.3+deb8u3.debian.tar.xz
Checksums-Sha256:
68228ce23aa3a992add3d00cb1e8b4863d8ca64bea99c881edf6d16ff9ec7c23 2873233 quassel_0.10.0.orig.tar.bz2
926f4944e6d64e5410e3357d410f172d1266e428585331d3cd91257d901d77cb 23684 quassel_0.10.0-2.3+deb8u3.debian.tar.xz
Files:
382466a7790979c172b7d7edf10a2981 2873233 quassel_0.10.0.orig.tar.bz2
ee244e047e4c961bd811970270a6ccfc 23684 quassel_0.10.0-2.3+deb8u3.debian.tar.xz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-kde-extras/attachments/20160605/54363539/attachment.sig>
More information about the pkg-kde-extras
mailing list